Jameson Lopp, the Chief Security Officer at Bitcoin (Btc) Custody Company Casa, alarm sounds on Bitcoin poisoning attacks, a social engineering scam that uses similar addresses from a victim’s transaction history to fool them into sending funds to malicious address.
According to LOPP’s Feb 6 articleThe threat actors form BTC addresses that correspond to the first and last number of addresses from the victim’s transaction history. LOPP reviews Bitcoin Blockchain history for this attack type and found:
“The first such transactions did not appear until 797570 was blocked, July 7, 2023, with 36 such transactions. Then, all quiet until we blocked 819455, December 12, 2023, after which we could find regular explosions of these transactions up to Block 881172, January 28, 2025, then there was a 2-year rest before they started before they started before they started before they started. again. ”
“Over these 18 months, only ashamed of 48,000 transactions have been sent matching this profile of potential address poisoning,” LOPP added.
Example of a poisonous address of address. Source: jRace of Ameson
The Executive urged Bitcoin holders to thoroughly review the addresses before sending funds and called for better purse interfaces that fully display the addresses. LOPP’s warning features the emerging exploitation of cybersecurity and deceptive schemes that destroy the industry.
Related: Interpreting Crypto, scam losses dropped to $ 28.8m in March after February Spike
Meet poisoning poisoning and take advantage of billions -billions of billions -billions of stolen user funds
According to the cybersecurity firm CyversMore than $ 1.2 million is stolen by addressing of address poisoning In March 2025. Cyvers CEO Deddy Lavid said these types of attacks would cost users $ 1.8 million in February.
Blockchain Security Firm estimates that peckshield the total Amount lost in crypto hacks In Q1 2025 over $ 1.6 billion, along bybit hack accounting for most stolen funds.
Bybit Hack in February is responsible $ 1.4 billion in losses and represents Biggest crypto hack in history.
Cybersecurity experts are tied to attacking on Northern hacker related to the state It uses complex and emerging social engineering schemes to steal cryptocurrencies and sensitive data from targets.
Common Lazarus Group Social Engineering Scam groups include deceptive job offers, zoom meetings with fake venture capitalists, and phishing scams on social media.
Magazine: 2 Auditors Miss $ 27M Penpie Flaw, Pythia’s ‘Claim Rewards’ Bug: Crypto-SEC
